SVG Loader Cross-Site Scripting Vulnerability

SVG Loader is a simple JS library that uses XHR to fetch SVG and injects SVG code into the location of the tag. A cross-site scripting vulnerability exists in SVG Loader version 1.6.8 and prior versions, which stems from insufficient input cleanup logic and can be easily bypassed...

ILIAS Cross-Site Scripting Vulnerability (CNVD-2017-05243)

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in ILIAS versions prior to 5.2.3. A remote attacker can exploit this vulnerability to inject...